Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x
Top   in Index   Prev   Next

TR 33.738
Study on Security aspects of Enablers for
Network Automation for the 5G System
Phase 3

3GPP‑Page   fToC   Partial Content
V18.1.0 (Wzip)  2023/09  68 p.
Rapporteur:
Mr. Liu, Chang
China Mobile Com. Corporation

full Table of Contents for  TR 33.738  Word version:  18.1.0

each clause number in 'red' refers to the equivalent title in the Partial Content
Here   Top
1Scope  p. 8
2References  p. 8
3Definitions of terms, symbols and abbreviations  p. 8
3.1Terms  p. 8
3.2Symbols  p. 9
3.3Abbreviations  p. 9
4Overview  p. 9
5Key issues  p. 9
5.1Key Issue #1: Protection of data and analytics exchange in roaming case  p. 9
5.1.1Key issue details  p. 9
5.1.2Security threats  p. 9
5.1.3Potential security requirements  p. 10
5.2Key Issue #2: Authorization of selection of participant NWDAF instances in the Federated Learning group  p. 10
5.2.1Key issue details  p. 10
5.2.2Security threats  p. 10
5.2.3Potential security requirements  p. 10
5.3Key Issue #3: Security for AI/ML model storage and sharing  p. 11
5.3.1Issue details  p. 11
5.3.2Security Threats  p. 11
5.3.3Potential security requirements  p. 11
5.4Key Issue #4: Anomalous NF behaviour detection by NWDAF  p. 11
5.4.1Issue details  p. 11
5.4.2Security Threats  p. 12
5.4.3Potential security requirements  p. 12
5.5Key Issue #5: KI on Security for NWDAF-assisted application detection  p. 12
5.5.1Key issue details  p. 12
5.5.2Security threats  p. 12
5.5.3Potential security requirements  p. 12
5.6Key Issue #6: Key issues on Cyber-attack detection  p. 13
5.6.1Key Issue Details  p. 13
5.6.2Security Threats  p. 13
5.6.3Potential Security Requirements  p. 13
6Solutions  p. 13
6.0Mapping Solutions to Key Issues  p. 14
6.1Solution #1: Authorization of AI/ML model retrieving  p. 14
6.1.1Introduction  p. 14
6.1.2Solution details  p. 14
6.1.2.1Authorization of AI/ML model retrieving from NWDAF  p. 14
6.1.2.2Authorization of AI/ML model retrieving from ADRF  p. 14
6.1.3Evaluation  p. 15
6.2Solution #2: Authorization and Authentication of ML model transfer  p. 15
6.2.1Introduction  p. 15
6.2.2Solution Details  p. 15
6.2.3Evaluation  p. 17
6.3Solution #3: AI/ML model authorization and retrieval  p. 17
6.3.1Introduction  p. 17
6.3.2Solution details  p. 17
6.3.3Evaluation  p. 19
6.4Solution #4: AI/ML model storage and sharing security  p. 20
6.4.1Introduction  p. 20
6.4.2Solution details  p. 20
6.4.3Evaluation  p. 23
6.5Voidp. …
6.6Solution #6: Anomalous NF behaviour detection by NWDAF  p. 23
6.6.1Introduction  p. 23
6.6.2Solution details  p. 24
6.6.2.1General  p. 24
6.6.2.2Collection of security related log data of NFs via NFs EventExposure APIs  p. 24
6.6.2.3Collection of security related log data of NFs via OAM  p. 25
6.6.3Evaluation  p. 28
6.7Solution #7: Secured and authorized AI/ML model transfer and retrieval  p. 29
6.7.1Introduction  p. 29
6.7.2Solution details  p. 29
6.7.3Evaluation  p. 31
6.8Solution #8: Protection of data and analytics exchange in roaming case  p. 32
6.8.1Introduction  p. 32
6.8.2Solution details  p. 32
6.8.3Evaluation  p. 34
6.9Solution #9: Anomalous NF behaviour event related data collection and anomalous NF detection  p. 34
6.9.1Introduction  p. 34
6.9.2Solution details  p. 34
6.9.3Evaluation  p. 37
6.10Solution #10: Authorization of AI/ML model sharing between different vendors and usage of one-time URLs  p. 37
6.10.1Introduction  p. 37
6.10.2Solution details  p. 38
6.10.3Evaluation  p. 40
6.11Solution #11: Secured and authorized AI/ML model sharing between different vendors  p. 40
6.11.1Introduction  p. 40
6.11.2Solution details  p. 40
6.11.3Evaluation  p. 43
6.12Solution #12: Secured and authorized AI/ML model sharing between different vendors  p. 43
6.12.1Introduction  p. 43
6.12.2Solution details  p. 43
6.12.3Evaluation  p. 45
6.13Solution #13: Support authorization of AI/ML model sharing By NWDAF containing MTLF  p. 45
6.13.1Introduction  p. 45
6.13.2Solution details  p. 46
6.13.3Evaluation  p. 48
6.14Solution #14: Protection of data and analytics exchange in roaming case using Secure Multi-party Computation  p. 48
6.14.1Introduction  p. 48
6.14.2Solution details  p. 48
6.14.2.1Data Privacy Computing Function DPCF  p. 48
6.14.2.2Data collection protection architecture based on Secure Multi-party Computation  p. 49
6.14.3Evaluation  p. 50
6.15Solution #15: Authorization of selection of participant NWDAF instances in the FL group  p. 50
6.15.1Introduction  p. 50
6.15.2Solution details  p. 50
6.15.3Evaluation  p. 51
6.16Solution #16: FL GROUP AUTHORIZATION OF NWDAF(S) IN 5GC  p. 51
6.16.1Introduction  p. 51
6.16.2Solution details  p. 51
6.16.3Evaluation  p. 53
6.17Solution #17: Authorization of FL Server and FL Client in FL group  p. 54
6.17.1Introduction  p. 54
6.17.2Solution details  p. 54
6.17.3Evaluation  p. 56
6.18Solution #18: Solution for authorization in FL  p. 56
6.18.1Introduction  p. 56
6.18.2Solution details  p. 56
6.18.3Evaluation  p. 58
6.19Solution #19: Access control for user plane data  p. 58
6.19.1Introduction  p. 58
6.19.2Solution details  p. 58
6.19.3Evaluation  p. 60
6.20Solution #20: Cyber attack detection using an analytics function  p. 60
6.20.1Introduction  p. 60
6.20.2Solution details  p. 60
6.20.3Evaluation  p. 63
6.21Solution #21: Authorization of data and analytics exchange in roaming case  p. 63
6.21.1Introduction  p. 63
6.21.2Solution details  p. 64
6.21.3Evaluation  p. 65
7Conclusions  p. 65
7.1Conclusion on Key Issue #1 "Protection of data and analytics exchange in roaming case"  p. 65
7.2Conclusion on Key Issue #2 "Authorization of selection of participant NWDAF instances in the Federated Learning group"  p. 65
7.3Conclusion on Key Issue #3 "Security for AI/ML model storage and sharing"  p. 66
7.4Conclusion on Key Issue #4 " Anomalous NF behaviour detection by NWDAF "  p. 66
7.5Conclusion on Key Issue #5 "Security for NWDAF-assisted application detection"  p. 66
7.6Conclusion on Key Issue #6 "Key issues on Cyber-attack detection"  p. 67
$Change history  p. 68

Up   Top